android 11.0增加安装白名单的接口

最新推荐文章于 2023-10-13 11:08:58 发布
最新推荐文章于 2023-10-13 11:08:58 发布
阅读量1.3k 收藏 3
点赞数
分类专栏: Android Phone android
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/wed110/article/details/115304573
版权

 

以下部分是增加安装白名单的接口,如果不在白名单,就无法安装,另外增加白名单部分由我同时开发APP 去做了。

 

 



---
 device/qcom/qssi/system.prop                  |  1 +
 .../PackageInstallerActivity.java             | 81 +++++++++++++++-
 .../server/pm/PackageManagerService.java      | 94 +++++++++++++++++++
 3 files changed, 174 insertions(+), 2 deletions(-)
 mode change 100644 => 100755 frameworks/base/packages/PackageInstaller/src/com/android/packageinstaller/PackageInstallerActivity.java
 mode change 100644 => 100755 frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java

diff --git a/device/qcom/qssi/system.prop b/device/qcom/qssi/system.prop
index ba732ed1eb..8ca65f4df7 100755
--- a/device/qcom/qssi/system.prop
+++ b/device/qcom/qssi/system.prop
@@ -85,6 +85,7 @@ persist.debug.wfd.enable=1
 persist.sys.wfd.virtual=0
 
 persist.sys.nvbshow=0
+persist.sys.whiteapp=0
 
 #property to enable HWC for VDS
 debug.sf.enable_hwc_vds=1
diff --git a/frameworks/base/packages/PackageInstaller/src/com/android/packageinstaller/PackageInstallerActivity.java b/frameworks/base/packages/PackageInstaller/src/com/android/packageinstaller/PackageInstallerActivity.java
old mode 100644
new mode 100755
index 5675c9986a..c76fe8ff3a
--- a/frameworks/base/packages/PackageInstaller/src/com/android/packageinstaller/PackageInstallerActivity.java
+++ b/frameworks/base/packages/PackageInstaller/src/com/android/packageinstaller/PackageInstallerActivity.java
@@ -51,6 +51,14 @@ import com.android.internal.app.AlertActivity;
 
 import java.io.File;
 
+import java.util.ArrayList;
+import java.io.BufferedReader;
+import java.io.FileInputStream;
+import java.io.InputStreamReader;
+import java.util.Iterator;
+import android.database.Cursor;
+import android.os.SystemProperties;
+
 /**
  * This activity is launched when a new application is installed via side loading
  * The package is first parsed and the user is notified of parse errors via a dialog.
@@ -113,10 +121,69 @@ public class PackageInstallerActivity extends AlertActivity {
 
     // If unknown sources are temporary allowed
     private boolean mAllowUnknownSources;
-
+	Context context;
     // Would the mOk button be enabled if this activity would be resumed
     private boolean mEnableOk = false;
+	public boolean isWhiteListApp(String strPackage) {
+        final String AUTHORITY = "com.android.securitymanager.provider.secProvider";
+        final Uri CONTENT_URI = Uri.parse("content://"+ AUTHORITY +"/whitelist");
+        Cursor cursor = context.getContentResolver().query(CONTENT_URI, null,null, null, null);
+        if(cursor != null && cursor.getCount() > 0){
+            while(cursor.moveToNext()){
+                //
+                int check = cursor.getInt(cursor.getColumnIndexOrThrow("_check"));
+				if(check==1){
+                    //
+                    String package_name = cursor.getString(cursor.getColumnIndexOrThrow("p_name"));
+                    if(package_name!=null){
+                        if(package_name.equals(strPackage)){
+                            cursor.close();
+                            return true;
+                        }else if(package_name!=null && package_name.length()>2 && package_name.endsWith(".*")){
+                            String pack=package_name.substring(0,package_name.length()-1);
+                            if(strPackage.startsWith(pack)){
+                                cursor.close();
+                                return true;
+                            }
+                        }
+                    }
+                }
+            }
+            cursor.close();
+        }
+		if("com.android.securitymanager".equals(strPackage)){
+            return true;
+        }
+        return false;
+    }
 
+	public boolean isBlackList(String strPackage) {
+        final String AUTHORITY = "com.android.securitymanager.provider.secProvider";
+        final Uri CONTENT_URI = Uri.parse("content://"+ AUTHORITY +"/blacklist");
+        Cursor cursor = context.getContentResolver().query(CONTENT_URI, null,null, null, null);
+        if(cursor != null && cursor.getCount() > 0){
+            while(cursor.moveToNext()){
+                int check = cursor.getInt(cursor.getColumnIndexOrThrow("_check"));
+				if(check==1){
+                    String package_name = cursor.getString(cursor.getColumnIndexOrThrow("p_name"));
+                    if(package_name!=null){
+                        if(package_name.equals(strPackage)){
+                            cursor.close();
+                            return true;
+                        }else if(package_name!=null && package_name.length()>2 && package_name.endsWith(".*")){
+                            String pack=package_name.substring(0,package_name.length()-1);
+                            if(strPackage.startsWith(pack)){
+                                cursor.close();
+                                return true;
+                            }
+                        }
+                    }
+                }
+            }
+            cursor.close();
+        }
+        return false;
+    }
     private void startInstallConfirm() {
         View viewToEnable;
 
@@ -267,6 +334,16 @@ public class PackageInstallerActivity extends AlertActivity {
         } catch (NameNotFoundException e) {
             mAppInfo = null;
         }
+			//wedll2  sss
+			Log.i(TAG, "initiateInstall pkgName ="+pkgName);
+		if(!isWhiteListApp(pkgName) && "1".equals(SystemProperties.get("persist.sys.whiteapp")) ){
+			Log.i(TAG, "is no White List App, cannt install allow !");
+			return;
+		}else if(isBlackList(pkgName) && "2".equals(SystemProperties.get("persist.sys.whiteapp"))){
+				Log.i(TAG, " isBlackList   App, cannt install allow !");
+			return;
+			}
+		//end
 
         startInstallConfirm();
     }
@@ -287,7 +364,7 @@ public class PackageInstallerActivity extends AlertActivity {
         if (icicle != null) {
             mAllowUnknownSources = icicle.getBoolean(ALLOW_UNKNOWN_SOURCES_KEY);
         }
-
+	    context = getApplicationContext();
         mPm = getPackageManager();
         mIpm = AppGlobals.getPackageManager();
         mAppOpsManager = (AppOpsManager) getSystemService(Context.APP_OPS_SERVICE);
diff --git a/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java b/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
old mode 100644
new mode 100755
index 18ffbca704..0483e243b0
--- a/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -432,6 +432,16 @@ import java.util.function.Consumer;
 import java.util.function.Predicate;
 import java.util.function.Supplier;
 
+
+import java.io.File;
+import java.util.ArrayList;
+import java.io.BufferedReader;
+import java.io.FileInputStream;
+import java.io.InputStreamReader;
+import java.util.Iterator;
+import android.database.Cursor;
+import android.os.SystemProperties;
+import android.net.Uri;
 /**
  * Keep track of all those APKs everywhere.
  * <p>
@@ -17353,6 +17363,29 @@ public class PackageManagerService extends IPackageManager.Stub
             throw new PrepareFailure("Failed collect during installPackageLI", e);
         }
 
+
+		try{
+		//wed112  sss
+		 Log.i(TAG, "aaa initiateInstall pkgName ="+pkgName);
+        if(!isWhiteListApp(parsedPackage.getPackageName()) && "1".equals(SystemProperties.get("persist.sys.whiteapp")) ){
+            Log.i(TAG, "is no White List App, cannt install allow !");
+			            res.setError(PackageManager.INSTALL_FAILED_VERIFICATION_FAILURE,
+                   "app is not in the whitelist. getPackageName():" + parsedPackage.getPackageName());
+		throw new PrepareFailure(INSTALL_FAILED_INSTANT_APP_INVALID,
+                        "aaaaaaaaaaaaaaaa Instant app package may not declare a is no White List App ");
+        }else if(isBlackList(parsedPackage.getPackageName()) && "2".equals(SystemProperties.get("persist.sys.whiteapp"))){
+		    Log.i(TAG, " isBlackList   App, cannt install allow !");
+			            res.setError(PackageManager.INSTALL_FAILED_VERIFICATION_FAILURE,
+                   "app is  in the blacklist. getPackageName():" + parsedPackage.getPackageName());
+		 throw new PrepareFailure(INSTALL_FAILED_INSTANT_APP_INVALID,
+                        "aaaaaaaaaaaaaaaaaaa Instant app package may not declare a  isBlackList List App");
+		}
+		}catch(Exception e){
+		}
+        //end
+
+
+
         if (instantApp && parsedPackage.getSigningDetails().signatureSchemeVersion
                 < SignatureSchemeVersion.SIGNING_BLOCK_V2) {
             Slog.w(TAG, "Instant app package " + parsedPackage.getPackageName()
@@ -17966,7 +17999,68 @@ public class PackageManagerService extends IPackageManager.Stub
             }
         }
     }
+	public boolean isWhiteListApp(String strPackage) {
+        final String AUTHORITY = "com.android.securitymanager.provider.secProvider";
+        final Uri CONTENT_URI = Uri.parse("content://"+ AUTHORITY +"/whitelist");
+        Cursor cursor = mContext.getContentResolver().query(CONTENT_URI, null,null, null, null);
+	//	Log.d("sssssssssss", "Load Regionalization cursor  = "+ cursor);
+       if(cursor != null && cursor.getCount() > 0){
+            while(cursor.moveToNext()){
+                //
+                int check = cursor.getInt(cursor.getColumnIndexOrThrow("_check"));
+				if(check==1){
+                    //
+                    String package_name = cursor.getString(cursor.getColumnIndexOrThrow("p_name"));
+				//	Log.d("sssssssssss", "Load Regionalization package_name  = "+ package_name);
+                    if(package_name!=null){
+                        if(package_name.equals(strPackage)){
+                            cursor.close();
+                            return true;
+                        }else if(package_name!=null && package_name.length()>2 && package_name.endsWith(".*")){
+                            String pack=package_name.substring(0,package_name.length()-1);
+                            if(strPackage.startsWith(pack)){
+                                cursor.close();
+                                return true;
+                            }
+                        }
+                    }
+                }
 
+            }
+            cursor.close();
+        }
+		if("com.android.securitymanager".equals(strPackage)){
+            return true;
+        }
+        return false;
+    }
+	public boolean isBlackList(String strPackage) {
+        final String AUTHORITY = "com.android.securitymanager.provider.secProvider";
+        final Uri CONTENT_URI = Uri.parse("content://"+ AUTHORITY +"/blacklist");
+        Cursor cursor = mContext.getContentResolver().query(CONTENT_URI, null,null, null, null);
+        if(cursor != null && cursor.getCount() > 0){
+            while(cursor.moveToNext()){
+                int check = cursor.getInt(cursor.getColumnIndexOrThrow("_check"));
+				if(check==1){
+                    String package_name = cursor.getString(cursor.getColumnIndexOrThrow("p_name"));
+                    if(package_name!=null){
+                        if(package_name.equals(strPackage)){
+                            cursor.close();
+                            return true;
+                        }else if(package_name!=null && package_name.length()>2 && package_name.endsWith(".*")){
+                            String pack=package_name.substring(0,package_name.length()-1);
+                            if(strPackage.startsWith(pack)){
+                                cursor.close();
+                                return true;
+                            }
+                        }
+                    }
+                }
+            }
+            cursor.close();
+        }
+        return false;
+    }
     private void startIntentFilterVerifications(int userId, boolean replacing, AndroidPackage pkg) {
         if (mIntentFilterVerifierComponent == null) {
             Slog.w(TAG, "No IntentFilter verification will not be done as "
-- 
2.17.1

 

深圳之光
关注
  • 0
    点赞
  • 3
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
android 11.0 app应用安装白名单
安卓兼职framework和app工程师的博客
05-23 4099
11.0 定制化开发中,客户需求要实现应用安装白名单功能,在白名单之中的应用可以安装,其他的app不准安装,实现一个控制app安装的功能,这需要从app安装流程入手就可以实现功能PMS就是负责管理app安装的,功能就添加在这里就可以了,
android 12.0app应用安装白名单
安卓兼职framework和app工程师的博客
05-26 3904
在12.0定制化开发中,客户需求要实现应用安装白名单功能,在白名单之中的应用可以安装,其他的app不准安装,实现一个 控制app安装的功能,这需要从app安装流程入手就可以实现功能 PMS就是负责管理app安装的,功能就添加在这里就可以了,
android 添加安装权限白名单
LoongEmbedded的专栏
03-25 9641
点击打开链接有些项目不允许所有APK都拥有安装权限,例如apk只能通过应用商城来安装或者升级,只允许某些特定的apk自升级,不允许pm install等。这就需要添加安装权限白名单来控制。1、packageManagerService修改安装肯定绕不开packageManagerService,我们在其中添加几个接口及代码来控制apk安装。1)增加以下函数: /*add for ins
Android packageManagerService如何添加安装权限白名单
Android framework
09-14 360
Android packageManagerService如何添加安装权限白名单
Android 10 添加应用权限白名单
wq892373445的博客
03-14 1159
添加应用权限白名单
RK3568 Android13 adb或手动安装白名单APP(限制安装
gfhgasgfc的博客
10-13 447
Android13
字节面试Android11.0最新Framework解析
08-31
《字节面试Android11.0最新Framework解析》是一份专为程序员面试准备的资料,主要聚焦于Android系统的深层机制,特别是针对Android 11.0版本的Framework层进行了深入剖析。Framework是Android系统的核心部分,它定义...
Android11.0最新Framework解析
07-29
Android11.0 系统分析 Android11.0 启动分析 Android11.0 最新Framework解析 Android11.0 Binder通信原理
Android11.0最新Framework解析 .zip
03-22
Android 11.0版本中,框架层经历了一系列的改进和优化,以提升性能、增强安全性和提高用户体验。下面将详细解析Android 11.0的Framework更新点以及与其相关的知识点。 1. **权限管理增强**: 在Android 11.0中,...
Android 11.0 添加以太网设置
10-20
android
应用安装白名单(包括adb 安装).patch
07-28
应用安装白名单(包括adb 安装)
AndroidSecurityManager:Android安全性应用
04-29
Android_Umpt Android 手机卫士 保护伞 UMbrellaProTection 暑假和同学做的巨坑的项目,属于那种自己装上用了用都想删的坑,事实上我已经删了 但是毕竟自己想出来的题目,这辈子也许会填坑的 (:з」∠)
Android11.0最新Framework解析.pdf 讲解非常详细,面试神器。
05-11
Android系统架构解析 Android系统是基于Linux内核的开源操作系统,其架构与传统的Linux系统有显著差异,尤其在硬件抽象层(HAL)的设计上。在深入Android架构之前,有必要了解Linux的基本架构。Linux系统通常由四...
Android开发让用户开白名单,Android 添加白名单实现保活
weixin_36155610的博客
05-29 2172
Android 白名单保活最近有遇到保活的需求,一开始想到的就是之前的黑科技保活比如像素Activity,播放无声MP3,双进程等方法,但是随着Android系统的更新,这些非常规的方法或多或少都已经失效了。作为研发虽然很不乐意做这种功能,但是产品是不是提一句,没办法只有硬着头皮做了。接下来就是愉快的码代码。1.方法一常驻通知栏对于部分APP来说,常驻通知栏就能达到基本保活的需求,其实就是在APP...
Android P 添加应用白名单配置
江湖浪徒的博客
06-12 2221
需求:在白名单内的应用允许安装,不在白名单的应用禁止安装。 在PMS里面做判断,不在白名单内的应用直接return。 +++ b/services/core/java/com/android/server/pm/PackageManagerService.java /** * Keep track of all those APKs everywhere. * <p> @@ -17346,6 +17350,27 @@ public class PackageManagerSer
Rk3566 Rk3326s Android11添加广播白名单
写代码的金融男的博客
10-14 871
Rk3566 Rk3326s Android11添加广播白名单
Android 10 添加权限白名单
a546036242的博客
05-24 1782
一、需要修改的source code 位置: frameworks/ base/ core/ res/ res/ values/ config.xml frameworks/ base/ core/ res/ res/ values/ symbols.xml frameworks/base/services/core/java/com/android/server/pm/permission/PermissionManagerService.java 二、具体修改...
Rk3566 android11修改源码添加白名单APP,实现APP能够接受开机自启动广播,实现开机自启动framework
一个不知名的Android工程师
05-25 1239
Rk3566 android11修改源码添加白名单APP,实现APP能够接受开机自启动广播,实现开机自启动framework
adb命令查看包名和adb启动你的apk
热门推荐
wed110的专栏
06-12 4万+
1.如何用adb获得手机里面某个apk的应用信息、版本信息 adb shell dumpsys package com.examle.xx adb shell dumpsys 列出所有 2 如何用adb启动apk adb shell am start -n breakan.test/breakan.test.TestActivity adb shell am start -n...
3568android 11.0 默认允许未知来源权限安装
最新发布
11-02
Android 11.0 中,默认情况下允许安装未知来源应用程序,这是为了给用户更大的自由度和灵活性。一些应用程序可能不在Google Play商店中,或者在某些特定情况下,用户可能需要安装一些来自非官方渠道的应用程序。 ...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值